<?php

if(!defined('IN_AACMS') || !defined('IN_ADMINCP')) {
	exit('Access Denied');
}

include_once libfile('function/article');
include_once libfile('function/articlecp');
loadcache('articlecat');
$category = $_G['cache']['articlecat'];
$mpurl = ADMINSCRIPT.'?action=article&operation='.$operation;

if($operation == 'list') {
	
	if(submitcheck('articlesubmit')) {
		$ids = dimplode($_POST['ids']);
		
		if(!$ids) {
			cpmsg('article_choose_at_least_one_article', 'action=article&operation=list', 'error');
		}
		if(!$_POST['optype']) {
			cpmsg('article_choose_at_least_one_operation', 'action=article&operation=list', 'error');
		}
		if($_POST['optype'] == 'trash') {
			
			DB::delete('article_trash', "aid IN($ids)");
			DB::query('INSERT INTO '.DB::table('article_trash').' SELECT * FROM '.DB::table('article')." WHERE aid IN($ids)");
			DB::delete('article_index', "aid IN($ids)");
			DB::delete('article', "aid IN($ids)");
			cpmsg('article_trash_succeed', 'action=article&operation=list', 'succeed');
			
		} elseif($_POST['optype'] == 'move') {
		
			$tocatid = intval($_POST['tocatid']);
			$catids = DB::getCol("SELECT catid FROM ".DB::table('article')." WHERE aid IN($ids)");
			$catids[] = $tocatid;
			
			DB::query('UPDATE '.DB::table('article')." SET catid='{$tocatid}' WHERE aid IN($ids)");
			DB::query('UPDATE '.DB::table('article_index')." SET catid='{$tocatid}' WHERE aid IN($ids)");
			update_articlecat($catids);
			cpmsg('article_move_succeed', 'action=article&operation=list', 'succeed');
			
		}
	}
		
	$wherearr = array(1);
	
	if($_GET['catid']) {
		$catid = intval($_GET['catid']);
		$mpurl .= '&catid='.$catid;
		$catids = $category[$_GET['catid']]['children'];
		$catids[] = $catid;
		$wherearr[] = 'catid IN ('.dimplode($catids).')';
	}
	$wheresql = implode(' AND ', $wherearr);
	$orders = getorder(array('dateline'), 'aid');
	$ordersql = $orders['sql'];

	$count = article_count($wheresql);
	$perpage = 15;
	$page = $_GET['page'] ? max(intval($_GET['page']), 1) : 1;

	$article_list = article_list($count, $perpage, $page, $wheresql, $ordersql);
	$articlecat_select = articlecat_select('tocatid', false);
	$multipage = multi($count, $perpage, $page, $mpurl);
	
	include template('article_list', 'admin');
	
} elseif($operation == 'trash') {
	
	if(submitcheck('batchsubmit')) {
	
		$ids = dimplode($_POST['ids']);

		if(!$ids && $_POST['optype'] != 'clear') {
			cpmsg('article_choose_at_least_one_article', 'action=article&operation=trash', 'error');
		}
		if(!$_POST['optype']) {
			cpmsg('article_choose_at_least_one_operation', 'action=article&operation=trash', 'error');
		}
		
		if($_POST['optype'] == 'recover') {
			
			DB::delete('article', "aid IN($ids)");
			DB::delete('article_index', "aid IN($ids)");
			DB::query('INSERT INTO '.DB::table('article').' SELECT * FROM '.DB::table('article_trash')." WHERE aid IN($ids)");
			DB::query('INSERT INTO '.DB::table('article_index').' SELECT aid, catid FROM '.DB::table('article_trash')." WHERE aid IN($ids)");
			DB::delete('article_trash', "aid IN($ids)");
			
			if(DB::affected_rows()) {
				cpmsg('article_trash_recover_succeed', 'action=article&operation=trash', 'succeed');
			} else {
				cpmsg('article_trash_recover_error', 'action=article&operation=trash', 'error');
			}
			
		} elseif($_POST['optype'] == 'delete') {
			
			delete_trash_article($ids);
			cpmsg('article_trash_delete_succeed', 'action=article&operation=trash', 'succeed');
			
		} elseif($_POST['optype'] == 'clear') {
		
			clear_trash();
			cpmsg('article_trash_is_empty', 'action=article&operation=trash', 'succeed');
		}
	}
	
	$perpage = 15;
	$page = $_GET['page'] ? max(intval($_GET['page']), 1) : 1;
	$start = ($page - 1) * $perpage;
	
	$count = DB::getOne("SELECT COUNT(*) FROM ".DB::table('article_trash'));
	$article_list = DB::getAll("SELECT * FROM ".DB::table('article_trash')." ORDER BY aid DESC LIMIT $start,$perpage");
	
	$articlecat_select = articlecat_select('tocatid', false);
	$multipage = multi($count, $perpage, $page, $mpurl);
	
	include template('article_list', 'admin');

} elseif($operation == 'add') {
	
	if(submitcheck('articlesubmit')) {
		
		$catid = intval($_POST['catid']);
		
		if(!$_POST['title']) {
			cpmsg('article_title_empty', 'action=article&operation=list', 'error');
		}
		
		if($_POST['tag']) {
			$_POST['tag'] = make_tag($_POST['tag']);
		}
		
		if($_POST['conver']) {
			$conver = unserialize(stripslashes($_POST['conver']));
			$_POST['pic'] = addslashes($conver['pic']);
			$_POST['remote'] = intval($conver['remote']);
		}
		
		$_POST['uid'] = $_SESSION['uid'];
		$_POST['username'] = $_SESSION['username'];
		$_POST['dateline'] = $_POST['dateline'] ? strtotime($_POST['dateline']) : TIMESTAMP;
		
		if($aid = DB::insert('article', $_POST)) {
			
			if($_POST['attach_ids']) {
				$newaids = array();
				$_POST['attach_ids'] = explode(',', $_POST['attach_ids']);
				foreach ($_POST['attach_ids'] as $newaid) {
					$newaid = intval($newaid);
					if($newaid) $newaids[] = $newaid;
				}
				if($newaids) {
					DB::update('article_attachment', array('aid'=>$aid), "attachid IN (".dimplode($newaids).") AND aid='0'");
				}
			}
			DB::query('UPDATE '.DB::table('articlecat')." SET articles=articles+1 WHERE catid='$catid'");
			DB::insert('article_index', array('aid'=>$aid, 'catid'=>$catid), true);
			
			cpmsg('article_add_succeed', 'action=article&operation=list', 'succeed');
		} else {
			cpmsg('article_add_error', 'action=article&operation=list', 'error');
		}
	}
	
	$article['dateline'] = dgmdate(TIMESTAMP, 'Y-n-j H:i');
	$articlecat_select = articlecat_select('catid', false, $_GET['catid']);
	include libfile('class/editor');
	$editor = editor::instance();
	$content_editor = $editor->create('content');
	
	include template('article_form', 'admin');
	
} elseif($operation == 'edit') {
	
	$aid = intval($_GET['aid']);
	$catid = intval($_POST['catid']);
	
	if(submitcheck('articlesubmit')) {
				
		if(!$_POST['title']) {
			cpmsg('article_title_empty', 'action=article&operation=list', 'error');
		}
		
		if($_POST['conver']) {
			$conver = unserialize(stripslashes($_POST['conver']));
			$_POST['pic'] = addslashes($conver['pic']);
			$_POST['remote'] = intval($conver['remote']);
		}
		
		if($_POST['tag']) {
			$_POST['tag'] = make_tag($_POST['tag']);
		}
		
		$_POST['dateline'] = $_POST['dateline'] ? strtotime($_POST['dateline']) : TIMESTAMP;
		if(DB::update('article', $_POST, "aid='$aid'")) {
			
			if($_POST['attach_ids']) {
				$newaids = array();
				$_POST['attach_ids'] = explode(',', $_POST['attach_ids']);
				foreach ($_POST['attach_ids'] as $newaid) {
					$newaid = intval($newaid);
					if($newaid) $newaids[] = $newaid;
				}
				if($newaids) {
					DB::update('article_attachment', array('aid'=>$aid), "attachid IN (".dimplode($newaids).") AND aid='0'");
				}
			}
			
			DB::update('article_index', array('catid'=>$catid), "aid='$aid'");
			
			cpmsg('article_edit_succeed', 'action=article&operation=list', 'succeed');
		} else {
			cpmsg('article_edit_error', 'action=article&operation=list', 'error');
		}
		
	}
	
	$article = DB::getRow("SELECT * FROM ".DB::table('article')." WHERE aid='$aid'");	
	$article['dateline'] = dgmdate($article['dateline']);
	$article['tag'] = parse_tag($article['tag']);

	$articlecat_select = articlecat_select('catid', false, $article['catid']);
	include libfile('class/editor');
	$editor = editor::instance();
	$content_editor = $editor->create('content', $article['content']);
	
	$article['attach_image'] = $article['attach_file'] = '';
	$query = DB::query("SELECT * FROM ".DB::table('article_attachment')." WHERE aid='$aid' ORDER BY attachid DESC");
	while ($value = DB::fetch($query)) {
		if($value['isimage']) {
			if($article['pic']) {
				$value['pic'] = $article['pic'];
			}
			$article['attach_image'] .= get_uploadcontent($value);
		} else {
			$article['attach_file'] .= get_uploadcontent($value);
		}
	}
	
	include template('article_form', 'admin');
	
} elseif($operation == 'tag') {
	
	if(submitcheck('articletagsubmit')) {
		DB::query("UPDATE ".DB::table('setting')." SET svalue='".addslashes(serialize($_POST['tag']))."' WHERE skey='article_tag'");
		include_once libfile('function/cache');
		updatecache('setting');
		cpmsg('articletag_update_succeed', 'action=article&operation=tag', 'succeed');
	}
	
	$tags = $_G['setting']['article_tag'];	
	include template('article_tag', 'admin');
}

?>